Re: [squid-users] authentication pass through upstream server

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Tue, 23 Feb 2010 09:18:02 +1300

Mark Engels wrote:
> Hello all,
>
> I'm hoping this is the place to come when seeking some assistance with a squid proxy configuration issue that's giving myself a little grief, and I certainly hope nothing like this has been asked before.
>
> The general idea of what I'm trying to accomplish is to have an end user enter their username and password credentials as they normally would do (there is quota enforcement and site blocking higher up that I have limited control over), and have it so that when a user, say, goes to www.educationalmaterial.com, the local squid proxy uses a predefined username and password to access the material, thus not charging the user quota download costs for accessing the material.
>
> The proxy server was supplied to us from head office with preconfigured rules to work as a local cache. I hope to leave all the existing rules in place. Also, all our internet service must filter through this 1 provided proxy; we cannot source external internet or alternate proxies.
>
> A portion of the configuration file is as below.
>
> #####
>
> cache_peer proxy.site.com parent 8080 3130 no-query default login=PASS
> auth_param digest children 5
> auth_param digest realm Squid proxy-caching web server
> auth_param digest nonce_garbage_interval 5 minutes
> auth_param digest nonce_max_duration 30 minutes
> auth_param digest nonce_max_count 50
> auth_param basic children 5
> auth_param basic realm Squid proxy-caching web server
> auth_param basic credentialsttl 2 hours
> auth_param basic casesensitive off
> acl all src 0.0.0.0/0.0.0.0
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl SSL_ports port 443 563
> acl Safe_ports port 80 # http
> acl Safe_ports port 21 # ftp
> acl Safe_ports port 443 563 # https, snews
> acl Safe_ports port 70 # gopher
> acl Safe_ports port 210 # wais
> acl Safe_ports port 1025-65535 # unregistered ports
> acl Safe_ports port 280 # http-mgmt
> acl Safe_ports port 488 # gss-http
> acl Safe_ports port 591 # filemaker
> acl Safe_ports port 777 # multiling http
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> acl block url_regex -i "d:/squid/var/logs/block.conf"
> acl unblock url_regex -i "d:/squid/var/logs/unblock.conf"
> acl nocache url_regex -i "d:/squid/var/logs/nocache.conf"
> no_cache deny nocache
> http_access deny block !unblock
> http_access allow all
> http_access deny all
> http_reply_access allow all
>
>
> #####
> I thought it would be a simple thing to make the required changes and started to approach with adding the following
> #####
>
> cache_peer proxy.site.com parent 8080 3130 no-query login="free user":pa$$word name=free
> cache_peer_access free allow free_sites
> cache_peer_access free deny all
> acl free_sites url_regex -i "d:/squid/var/logs/freesites.conf"
>
> #####
>
> Unfortunately this seemed to break the local cache and I'm not too sure where I've gone wrong. Any help in this or even an alternate solution would be greatly appreciated.
>

You have the right idea. That's how it's done.
But whitespace is not permitted in the parameter.

What you have there is no password with username "free .

> note: changed proxy name and user credentials for privacy reasons, and running squid 2.5 on local and upstream server.
>

Please see my sig... :)

Your HQ provider may need to be made aware that there is no longer any
official support for 2.5. The oldest fully supported version is now 2.7.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE7 or 3.0.STABLE24
   Current Beta Squid 3.1.0.16
Received on Mon Feb 22 2010 - 20:18:15 MST
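
Added example (not part of the original messages and not Squid's own parser): a simplified Python model of whitespace-delimited option parsing, showing how the quoted login= value from the thread is read as username "free with no password. The third sample line and its username free_user are constructed for illustration; KNOWN_FLAGS lists only the bare flags that appear in this thread.

```python
# Added example: a simplified model of whitespace-delimited cache_peer parsing.
# It is not Squid's parser; it only reproduces the token split discussed above.

# Lines 1-2 are from the thread; line 3 is constructed ("free_user" is hypothetical).
SAMPLE_CONF = '''\
cache_peer proxy.site.com parent 8080 3130 no-query default login=PASS
cache_peer proxy.site.com parent 8080 3130 no-query login="free user":pa$$word name=free
cache_peer proxy.site.com parent 8080 3130 no-query login=free_user:pa$$word name=free
'''

KNOWN_FLAGS = {"no-query", "default"}  # only the bare flags used in this thread


def check_cache_peer(line):
    """Return the login the model sees on one cache_peer line, plus problems."""
    tokens = line.split()  # options are separated by whitespace; quotes do not group
    if len(tokens) < 5 or tokens[0] != "cache_peer":
        return None
    result = {"user": None, "password": None, "problems": []}
    for opt in tokens[5:]:  # skip directive, hostname, type, HTTP port, ICP port
        if opt.startswith("login="):
            value = opt[len("login="):]
            if value == "PASS":  # pass the client's own credentials upstream
                continue
            user, sep, password = value.partition(":")
            result["user"] = user
            result["password"] = password if sep else None
            if not sep:
                result["problems"].append("login= has no ':password' part")
            if '"' in value:
                result["problems"].append("quote character is read as part of the value")
        elif "=" not in opt and opt not in KNOWN_FLAGS:
            result["problems"].append("stray token: " + opt)
    return result


def audit(conf_text):
    """Check every cache_peer line; returns a list of (line_number, result)."""
    checked = ((n, check_cache_peer(l)) for n, l in enumerate(conf_text.splitlines(), 1))
    return [(n, r) for n, r in checked if r is not None]


if __name__ == "__main__":
    for number, res in audit(SAMPLE_CONF):
        print(number, res)
```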
